<?php
/*
 * Copyright 2007 by Aleksander Adamowski
 * This software is licensed under GPL v.3.0.
 * See the included file "LICENSE" for details.
 * 
 * This script contains search form and results list for LDAP directory.
 */
Header("Content-type: text/html; charset=UTF-8"); 
require_once 'nocache.php';
require_once 'config.php';
?>
<HTML>
<HEAD>
<TITLE> LDAP Addressbook </TITLE>
<?php
require_once 'style.php';
?>
</HEAD>
<BODY>

<P>
Enter a fragment of name or mail address:
<form action="" method="GET">
<?php
if (isset($_GET['search'])) {
  $search = $_GET['search'];
  $search = preg_replace('/[^-_a-zA-Z0-9ęóąśłżźćńĘÓĄŚŁŻŹĆŃ]/', '', $search);
  echo "<input name=\"search\" type=\"text\" value=\"".htmlspecialchars($search)."\"/>";
  echo '<input  type="submit" value="Search" />';

  $ds = ldap_connect($LDAP_SERVER);
  $sr = ldap_search($ds, $LDAP_PEOPLE, "(|(cn=*$search*)(sn=*$search*)(gn=*$search*)(uid=*$search*)(mail=*$search*))", array('uid', 'cn'));
  $entries = ldap_get_entries( $ds, $sr );
  foreach ($entries as $entry) {
    if (! isset($entry['uid'])) {
      continue;
    }
    $uid = $entry['uid'][0];
    echo '<P>';
    echo ' <A HREF="ldap_entry.php?uid='.htmlspecialchars($uid).'">';
    echo htmlspecialchars($entry['cn'][0]);
    echo " (".htmlspecialchars($uid).") ";
    echo ' </A> ';
		// Admins can change anybody's data:
		if ($_SERVER['PHP_AUTH_USER'] == $uid || $LDAP_PHOTO_ADMINS[$_SERVER['PHP_AUTH_USER']] == 1) {
			echo ' -> <A HREF="ldap_entry.php?oper=change_photo&uid='.htmlspecialchars($uid).'">Change data (photo, phone)</A> ';
		}
    echo "</P>\n";
  }
} else {
  ?>
    <input name="search" type="text" />
    <input  type="submit" />
    <?php
}
?>
</form>
</P>

</BODY>
</HTML>
